HoneyDrive 3 - The Premier Honeypot Linux Distro

HoneyDrive is the premier honeypot Linux distro. It is a virtual
appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It
contains over 10 pre-installed and pre-configured honeypot software
packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots,
Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot,
Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more.
Additionally it includes many useful pre-configured scripts and
utilities to analyze, visualize and process the data it can capture,
such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more.
Lastly, almost 90 well-known malware analysis, forensics and network
monitoring related tools are also present in the distribution.

HoneyDrive 3 RELEASE NOTES:

1) HoneyDrive 3 has been created entirely from scratch. It is based
on Xubuntu Desktop 12.04.4 LTS edition and it is distributed as a
standalone OVA file that can be easily imported as a virtual machine
using virtualization software such as VirtualBox and VMware.

2) All the honeypot programs from the previous version of
HoneyDrive are included, while they have also been upgraded to their
latest versions and converted almost entirely to cloned git repos for
easier maintenance and updating. This latter fact on its own could be
considered reason enough to release the new version.

3) Many new honeypot programs have been installed that really make
HoneyDrive 3 “complete” in terms of honeypot technology, plus around
50(!) new security related tools in the fields of malware analysis,
forensics and network monitoring.

4) The main honeypot software packages and BruteForce Lab’s projects
reside in /honeydrive. The rest of the programs reside in /opt. The
location of all software can be found inside the README.txt file on the
desktop.

5) HoneyDrive 3 doesn’t make itself as known to the outside world as
the previous version. There are no descriptive messages and apart from
Kippo-Graph and Honeyd-Viz every other piece of software is not
accessible from the outside (unless if you configure them otherwise, or
even lock down Kippo-Graph and Honeyd-Viz as well).

A note on versioning: previous versions of HoneyDrive started with a
zero (0.1 and 0.2) which seemed confusing to some. I didn’t like it
either and in the end I decided to “renumber” those as versions 1 and 2,
essentially making this new version HoneyDrive 3, .i.e the third
official release.

FREQUENTLY ASKED QUESTIONS:

Why use HoneyDrive?

HoneyDrive saves you time! It has all the major honeypot-related
software pre-installed and pre-configured to work out of the box (or
with some configuration options of your liking). As I have seen many
times in comments or support requests I get, setting up a honeypot
system is not always something easy. This is especially true for new
infosec enthusiasts or sysadmins and “hard” to set up software like
Dionaea for example.

What utilities and software are included in HoneyDrive?

HoneyDrive contains all the major honeypot-related software and a
ton more useful tools. For a complete list you’ll have to take a look at
the README.txt file included in the virtual appliance (you’ll find it
on the desktop) or online at the downloads section of SourceForge (link
above).

Why isn’t [insert-name-here] included in HoneyDrive?

Unfortunately I can’t keep track of every different piece of
software. But, I’m very open to suggestions about HoneyDrive! If you
know a tool that could be of benefit please let me know by leaving a
comment on this page and it will be included in the next release of
HoneyDrive.

What is the password for [insert-name-here]?

Again, your best bet is reading the README.txt file included in the
virtual appliance or found online at the downloads section of
SourceForge (link above). Every password you will need is included in
its appropriate section.

CHAGELOG:

HoneyDrive 3

Upgraded ALL existing honeypot software to the corresponding latest versions.